 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
Kent Borg wrote:
> Now I have to trust that my browser will keep [the private key] securely.
>
> ...shifts it to a little used feature browser that is likely little
> audited...
True, but usage leads to greater scrutiny. A bit of a catch-22.
I'm guessing the feature is underutilized not because it is viewed as
insecure, but because 1. developers just aren't aware of it, 2. it's
perceived as being user unfriendly, or 3. companies fear users are just
too comfortable with the idea of passwords and won't be able to wrap
their head around PKI, resulting in their customers having the false
impression that they have weak security.
> Steal that file and you are in.
Sure, but which is an easier task: teaching grandma how to use Keepass
to shuttle credentials between two applications, or fixing flaws in
Firefox's security architecture (if any[1]) such that private keys are
held securely? (Which means using a master password.)
One of the top things I'd be concerned about is whether Firefox can
adequately keep the key store secure from the reach of extensions and
plugins.
(All of the above could also be said about the password manager built-in
to FF, which for average users is going to be easier to deal with than a
separate password safe, like Keepass. Client side certificates are still
going to be more resistant to phishing sites, due to the PKI handshake,
and far easier to facilitate login automation. No more silly banking
sites that split the login across multiple pages.)
1. Note that I said architecture. Hardly any implementation will be
without some flaws, but they should be small, with limited consequences,
if the architecture is sound.
Edward Ned Harvey wrote:
> Install [the private key] into the OS... Now, whenever any app wants to
> use that cert, it must request permission from the OS, which prompts me
> to allow/disallow.
A fine solution for us, but less ideal for average users. More prompts
often make things worse.
Can you do that on Linux? I know Ubuntu (GNOME) has a keychain manager
("Passwords and keys"[2]), and that Chrome will use it, but how about
Firefox?
2. https://projects.gnome.org/seahorse/
-Tom
--
Tom Metro
Venture Logic, Newton, MA, USA
"Enterprise solutions through open source."
Professional Profile: http://tmetro.venturelogic.com/
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
